- 16 Feb, 2021 13 commits
-
-
Deucе authored
-
Deucе authored
x points to the terminating NUL in x64. free()ing it would do wild and crazy things depending on how paranoid the free() implementation is. free(x64) instead... at least Coverity was happy though!
-
Rob Swindell authored
The socket set allocated by xpms_create() was never freed. Found by Coverity.
-
Rob Swindell authored
-
Rob Swindell authored
Deuce said to just delete it. <shrug>
-
Deucе authored
-
Rob Swindell authored
-
Rob Swindell authored
-
Rob Swindell authored
-
Rob Swindell authored
-
Rob Swindell authored
-
Rob Swindell authored
-
Rob Swindell authored
-
- 15 Feb, 2021 27 commits
-
-
Deucе authored
-
Deucе authored
-
Rob Swindell authored
3rd party external doors - exitilus, jibben, jns See merge request !110
-
Rob Swindell authored
3rd party external doors - exitilus, jibben, jns See merge request !110
-
Michael Long authored
-
Michael Long authored
-
Rob Swindell authored
... instead of the JSON parse exception as reported via IRC: <matjam> !finger ?bbs:Stupendous BBS@vert.synchro.net result: SyntaxError: JSON.parse
-
Rob Swindell authored
... instead of the JSON parse exception as reported via IRC: <matjam> !finger ?bbs:Stupendous BBS@vert.synchro.net result: SyntaxError: JSON.parse
-
Rob Swindell authored
-
Rob Swindell authored
-
Rob Swindell authored
The Synchronet FTP server has (since 2001) disallowed PORT/EPRT/LPRT commands with a "reserved" port number (i.e. < 1024) as recommended by RFC2577 and when attempted, would log a "SUSPECTED FTP BOUNCE HACK ATTEMPT" in the data/hack.log file. However, as Karloch (HISPAMSX) pointed out recently, an FTP Bounce Attack to other TCP ports was still possible (and detected/reported by some security scans as a potential vulnerability). So, reject all PORT/EPRT/LPRT commands that specify an IP address other than that used for the control TCP connection unless the sysop specifically enables the new "ALLOW_BOUNCE" option flag (in the [ftp] section of sbbs.ini) and the user is an authenticated non-guest/anonymous user. And as before, log the attempt as a suspected hack attempt. This change also removes the "Directory File Access" checkbox from the Synchronet Control Panel for Windows as that feature is "going away" soon (or at least, it won't be an FTP-specific option/feature if it remains).
-
Rob Swindell authored
The Synchronet FTP server has (since 2001) disallowed PORT/EPRT/LPRT commands with a "reserved" port number (i.e. < 1024) as recommended by RFC2577 and when attempted, would log a "SUSPECTED FTP BOUNCE HACK ATTEMPT" in the data/hack.log file. However, as Karloch (HISPAMSX) pointed out recently, an FTP Bounce Attack to other TCP ports was still possible (and detected/reported by some security scans as a potential vulnerability). So, reject all PORT/EPRT/LPRT commands that specify an IP address other than that used for the control TCP connection unless the sysop specifically enables the new "ALLOW_BOUNCE" option flag (in the [ftp] section of sbbs.ini) and the user is an authenticated non-guest/anonymous user. And as before, log the attempt as a suspected hack attempt. This change also removes the "Directory File Access" checkbox from the Synchronet Control Panel for Windows as that feature is "going away" soon (or at least, it won't be an FTP-specific option/feature if it remains).
-
Rob Swindell authored
Reverted the SAFECOPY() NULL source-pointer magic "(null)" string thing as that caused a different Coverity issue. Explicitly check for NULL at the call-sites instead.
-
Rob Swindell authored
Reverted the SAFECOPY() NULL source-pointer magic "(null)" string thing as that caused a different Coverity issue. Explicitly check for NULL at the call-sites instead.
-
Rob Swindell authored
Make Coverity happy.
-
Rob Swindell authored
Make Coverity happy.
-
Rob Swindell authored
-
Rob Swindell authored
-
Rob Swindell authored
-
Rob Swindell authored
-
Rob Swindell authored
Hopefully not introducing any bugs in the process.
-
Rob Swindell authored
Hopefully not introducing any bugs in the process.
-
Rob Swindell authored
The new subject line parsing (with quoted-filename support) had a NULL-pointer deref built-in. Also fixed a few Coverity-reported issues.
-
Rob Swindell authored
-
Rob Swindell authored
Caught by Coverity.
-